Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiNAC-F 7.2.0 Administration Guide
    7.2.0
    7.6.0
    7.4.0
    7.2.0

    Groups

    Groups

    Groups allow you to put like items together. By creating groups you eliminate the need to configure and control items within the group individually. For example, if you put a set of ports in a group, you can modify the group settings and affect all of the ports simultaneously. Groups can contain other groups.

    Use the Groups view to add, modify, and delete groups within FortiNAC. FortiNAC comes with some standard groups over which it maintains ownership. These are marked as system groups. Create user-owned groups to group devices, ports, hosts or users. Associate these groups with scheduled tasks to perform a variety of functions.

    Groups can be used to assign policies or roles to hosts or users.

    If there are more than 2000 groups in the database, the groups are not automatically displayed. Instead, a confirmation dialog is shown asking if you would like to continue. Note that large numbers of records may load very slowly if not filtered. Choose Yes to display all groups or No to reduce the number displayed by using the filters.

    Settings

    Field

    Definition

    Name

    Name used to identify the group.

    Type

    Indicates whether this is a group of ports, devices, IP phones, hosts, users or administrators.

    Owner

    Creator of the group. System indicates that the group was created by FortiNAC. User indicates that an administrator created the group.

    Members

    The number of items contained within the group. For example, if this is a host group, this number indicates the total number of hosts in the group. If this group contains sub-groups, the number includes those items in each sub-group.

    Days Valid

    This column only applies to Host groups. The Expiration Date for hosts in this group is calculated using the number of days valid. For example, if a host is added to the group on 01/01/2011 and days valid is set to 30, the host's Expiration Date is set to 01/31/2011. The Expiration Date is set when a host is added to the group or when the Days Valid is edited. See Aging hosts in a group for more information.

    Days Inactive

    This column only applies to Host groups. The number of days of network inactivity after which hosts in this group are removed from the database. For example, if this is set to three and a host in this group has not connected to the network for three days, the host record is removed from the database. See Aging hosts in a group for more information.

    Description

    User specified description for the selected group.

    Last Modified By

    User name of the last user to modify the group.

    Last Modified Date

    Date and time of the last modification to this group.

    Right click options

    Copy Group

    Creates a copy of the selected group.

    Delete

    Deletes the selected group.

    Group Member Of

    Displays groups in which this group is a member. A group can be a sub-group of another group of the same type. See Group membership.

    In Use

    Provides a list of other features that reference this group, such as a Policy Mapping or a Scheduled Task. See Group in use.

    Note

    System-owned groups will not be displayed as "In Use", even though they are in use by the system.

    Manages

    Applies only to administrator groups. Administrator groups can be designated to manage groups of devices or hosts. See Limit user access with groups.

    Modify

    Opens the Modify Group window. See Modify a group.

    Modify Device Properties

    Applies only to device groups. Allows you to modify multiple devices at the same time.

    Set Aging

    Allows you to set Days Valid and Days Inactive for the selected host group. Days valid and days inactive are used to calculate the date when the host is aged out of the database. Date is set when a host is added to the group or when the fields are modified. See Aging hosts in a group.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Buttons

    Export

    Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF.

    Show Members

    Opens the Group Members window and displays a list of all of the items within the group. Indicates whether the item is a member of the main group or a sub-group. See Show group members.
    Previous
    Next

    Groups

    Groups

    Groups allow you to put like items together. By creating groups you eliminate the need to configure and control items within the group individually. For example, if you put a set of ports in a group, you can modify the group settings and affect all of the ports simultaneously. Groups can contain other groups.

    Use the Groups view to add, modify, and delete groups within FortiNAC. FortiNAC comes with some standard groups over which it maintains ownership. These are marked as system groups. Create user-owned groups to group devices, ports, hosts or users. Associate these groups with scheduled tasks to perform a variety of functions.

    Groups can be used to assign policies or roles to hosts or users.

    If there are more than 2000 groups in the database, the groups are not automatically displayed. Instead, a confirmation dialog is shown asking if you would like to continue. Note that large numbers of records may load very slowly if not filtered. Choose Yes to display all groups or No to reduce the number displayed by using the filters.

    Settings

    Field

    Definition

    Name

    Name used to identify the group.

    Type

    Indicates whether this is a group of ports, devices, IP phones, hosts, users or administrators.

    Owner

    Creator of the group. System indicates that the group was created by FortiNAC. User indicates that an administrator created the group.

    Members

    The number of items contained within the group. For example, if this is a host group, this number indicates the total number of hosts in the group. If this group contains sub-groups, the number includes those items in each sub-group.

    Days Valid

    This column only applies to Host groups. The Expiration Date for hosts in this group is calculated using the number of days valid. For example, if a host is added to the group on 01/01/2011 and days valid is set to 30, the host's Expiration Date is set to 01/31/2011. The Expiration Date is set when a host is added to the group or when the Days Valid is edited. See Aging hosts in a group for more information.

    Days Inactive

    This column only applies to Host groups. The number of days of network inactivity after which hosts in this group are removed from the database. For example, if this is set to three and a host in this group has not connected to the network for three days, the host record is removed from the database. See Aging hosts in a group for more information.

    Description

    User specified description for the selected group.

    Last Modified By

    User name of the last user to modify the group.

    Last Modified Date

    Date and time of the last modification to this group.

    Right click options

    Copy Group

    Creates a copy of the selected group.

    Delete

    Deletes the selected group.

    Group Member Of

    Displays groups in which this group is a member. A group can be a sub-group of another group of the same type. See Group membership.

    In Use

    Provides a list of other features that reference this group, such as a Policy Mapping or a Scheduled Task. See Group in use.

    Note

    System-owned groups will not be displayed as "In Use", even though they are in use by the system.

    Manages

    Applies only to administrator groups. Administrator groups can be designated to manage groups of devices or hosts. See Limit user access with groups.

    Modify

    Opens the Modify Group window. See Modify a group.

    Modify Device Properties

    Applies only to device groups. Allows you to modify multiple devices at the same time.

    Set Aging

    Allows you to set Days Valid and Days Inactive for the selected host group. Days valid and days inactive are used to calculate the date when the host is aged out of the database. Date is set when a host is added to the group or when the fields are modified. See Aging hosts in a group.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Buttons

    Export

    Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF.

    Show Members

    Opens the Group Members window and displays a list of all of the items within the group. Indicates whether the item is a member of the main group or a sub-group. See Show group members.
    Previous
    Next